Activating SSL Settings

The following procedure specifies global SSL encryption settings that apply to all ports on the server. For information about specifying a keystore file for a specific FTP, FTPS, HTTP, or HTTPS port, see Specifying a Keystore File for a Port.

To activate SSL settings

1. In My webMethods: Administration > Integration > Managed File Transfer > Server Management.

2. Select the server instance. For details, see Selecting the Instance to Work With.

3. Click the Encryption tab.

4. In the SSL section, click Activate.

5. For Keystore Location, specify the path to the keystore file (for example, “C:\keystore” on Windows and “/usr/keystore” on UNIX).

6. In the Keystore Password box, type the keystore password.

7. In the Private Key Password box, type the private key password.

8. If you want to allow connections only for clients with a valid client certificate, select Require valid client certificate.

When this option is selected, ActiveTransfer Server expects the clients requesting a server connection to present a valid certificate. The certificate should match one of the certificates stored in the truststore.

For details on how to map client certificates to users, see User Certificate Mapping.

When establishing a connection with the server, ActiveTransfer validates only the client certificate but not the password.

Tip:
To store valid certificates:

a. Create a truststore file in the same location as the keystore file named keystoreName_trust. For example, if the keystore file name is server_ks.jks, the truststore file name should be server_ks.jks_trust.

b. Add the valid client certificates to this truststore.

9. If you want to use the SSL keystore settings for file upload and download operations using acceleration, select the Enable advanced upload/download option in web client check box.

10. Click Save.